{"id":9503,"date":"2020-08-31T06:18:32","date_gmt":"2020-08-31T06:18:32","guid":{"rendered":"https:\/\/www.experfy.com\/blog\/?p=9503"},"modified":"2023-11-13T15:52:58","modified_gmt":"2023-11-13T15:52:58","slug":"cyber-security-beyond-a-mere-operational-approach","status":"publish","type":"post","link":"https:\/\/www.experfy.com\/blog\/bigdata-cloud\/cyber-security-beyond-a-mere-operational-approach\/","title":{"rendered":"Cyber Security: Beyond a Mere Operational Approach"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"9503\" class=\"elementor elementor-9503\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-24ba9a3c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"24ba9a3c\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1c2eec43\" data-id=\"1c2eec43\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-62ae4fcf elementor-widget elementor-widget-text-editor\" data-id=\"62ae4fcf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"has-medium-font-size\"><strong>The post-COVID winners will be those who treat it strategically now<\/strong><\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>\u00a0C-level executives must stop looking at cyber security as a mere operational matter: Something which is below them and is dealt with somewhere below them in the organisation. It is the type of mental attitude which is has led to twenty years of maturity stagnation in real terms across the security industry, in spite of the billions spent with tech vendors.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d401716 elementor-widget elementor-widget-text-editor\" data-id=\"d401716\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Talking about industry stagnation is a way of highlighting that the security industry keeps going round in circles and that topics \u2013 such as the timely deployment of security patches for example \u2013 keep coming back regularly towards the top of the agenda, although they have been known \u2013 and could have been addressed \u2013 for more than a decade.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>But as a matter of fact, the situation is getting worse, and firms \u2013 large and small \u2013 have been facing a non-stop tidal wave of cyber attacks over the past few years in spite of the\u00a0<a href=\"https:\/\/corixpartners.com\/security-products-vendors-proliferation\/\" target=\"_blank\" rel=\"noreferrer noopener\">proliferation<\/a>\u00a0of tech products in that space.<\/p>\n<!-- \/wp:paragraph -->\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f0de94a elementor-widget elementor-widget-text-editor\" data-id=\"f0de94a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Fundamentally, pure operational approaches to cyber security have failed. They have not managed to keep in phase with the digital transformation of many businesses, the emergence of cloud solutions and the de-perimeterization of the enterprise. They have fallen victim to adverse prioritization and internal politics in many large firms or have not been able to focus beyond illusory quick wins.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>In fact, taking a pure operational approach to cyber security fails because it downgrades a complex matter and negates its true dimension. It is not \u2013 and has never been \u2013 a purely technical problem. The protection of the enterprise \u2013 by its employees \u2013 against external threats is rooted in corporate values and management practices. And that\u2019s where the solution should start.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aeca411 elementor-widget elementor-widget-text-editor\" data-id=\"aeca411\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Good and clear\u00a0<a href=\"https:\/\/corixpartners.com\/good-security-governance-consultant-jargon\/\" target=\"_blank\" rel=\"noreferrer noopener\">governance<\/a>\u00a0must be in place around cyber security and be visible up to the top. This must now be a Board matter in the face of non-stop cyber-attacks, and it must be visibly owned by a Board member.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>It is also a transversal problem, and not just a technical one. Business units and support functions must be directly involved in any cyber security programme of work, not just IT.<\/p>\n<!-- \/wp:paragraph -->\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-281ef8e elementor-widget elementor-widget-text-editor\" data-id=\"281ef8e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>There will be no magical or instant solution where cyber security maturity levels are low. Improvement will require transformative work at a number of levels across the enterprise and probably over the mid to long-term.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>The current situation around COVID-19 makes the message ever harder to accept, as uncertainty dominates, budgets tighten and\u00a0<a href=\"https:\/\/corixpartners.com\/can-you-still-afford-not-to-afford-cyber-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">priorities<\/a>\u00a0have to be set ruthlessly. But the hard realities around cyber security remain the same. And buying some tech\u00a0<a href=\"https:\/\/corixpartners.com\/cyber-security-misleading-message-technology-industry\/\" target=\"_blank\" rel=\"noreferrer noopener\">silver bullet<\/a>\u00a0is not likely to solve it for you, in spite of what countless vendors would like you to believe.<\/p>\n<!-- \/wp:paragraph -->\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-31a3b76 elementor-widget elementor-widget-text-editor\" data-id=\"31a3b76\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>At the same time, maintaining good cyber security has never been more essential, as the digital transformation\u00a0<a href=\"https:\/\/enterprisersproject.com\/article\/2020\/5\/digital-transformation-how-speed-up\" target=\"_blank\" rel=\"noreferrer noopener\">accelerates<\/a>\u00a0and the economy at large shifts towards operating models which present much broader attack surfaces to cyber threats and are \u2013 effectively \u2013 entirely dependent on secure and stable practices.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>Post-COVID, concerns will return of regulatory and legal friction around the security of personal data, and the corporate resilience to cyber-attacks. Privacy concerns have not disappeared during the lockdown. In fact, the debate around the introduction of tracing apps in some western countries has highlighted the vitality of the topic and it is likely \u2013 going forward \u2013 that citizens and customers will demand a greater sense of purpose from businesses and greater respect for their personal data.<\/p>\n<!-- \/wp:paragraph -->\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-02172e3 elementor-widget elementor-widget-text-editor\" data-id=\"02172e3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Good cyber security \u2013 and data privacy \u2013 practices are essential pillars supporting digital trust, and digital trust will be the cornerstone of the post-COVID \u201cnew normal\u201d.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>Now is the time to treat cyber security strategically \u2013 not tactically \u2013 and to embed it into your culture \u2013 not just your technology or your operations.<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>The post-COVID winners will be those who seize the moment.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Now is the time to treat cyber security strategically \u2013 not tactically \u2013 and to embed it into your culture \u2013 not just your technology or your operations. The post-COVID winners will be those who seize the moment.<\/p>\n","protected":false},"author":529,"featured_media":9504,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[187],"tags":[462,586],"ppma_author":[3178],"class_list":["post-9503","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bigdata-cloud","tag-cyber-security","tag-operational-approach"],"authors":[{"term_id":3178,"user_id":529,"is_guest":0,"slug":"jean-christophe-gaillard","display_name":"Jean-Christophe Gaillard","avatar_url":"https:\/\/www.experfy.com\/blog\/wp-content\/uploads\/2020\/04\/medium_b55e5afa-fb86-428a-a054-3be0451df2a4-150x150.jpg","user_url":"https:\/\/www.corixpartners.com","last_name":"Gaillard","first_name":"Jean-Christophe","job_title":"","description":"Jean-Christophe Gaillard\u00a0is Managing Director and Founder at Corix Partners. He is also a Non-Executive Director with\u00a0<a href=\"https:\/\/www.stratasecurity.co.uk\/\">Strata Security Solutions<\/a>, a specialized cybersecurity firm. He has been co-president of the Cyber Security group of the\u00a0<a href=\"https:\/\/www.telecom-paristech.org\/\">Telecom Paris Tech alumni association<\/a>\u00a0since May 2016. He is the author of \u201c<a href=\"http:\/\/www.blurb.co.uk\/b\/9015902-cyber-security-the-lost-decade-2018-edition\" target=\"_blank\" rel=\"noopener\">Cyber Security: The Lost Decade<\/a>\u00a0\u2013 A Security Governance Handbook for the CISO and the CIO\u201d, He contributes regularly to\u00a0<a href=\"http:\/\/www.thedigitaltransformationpeople.com\/authors\/jc-gaillard\">The Digital Transformation People<\/a>,\u00a0<a href=\"http:\/\/www.business2community.com\/author\/jc-gaillard\">Business 2 Community<\/a>, and\u00a0<a href=\"https:\/\/www.iotforall.com\/\">IoTforAll<\/a>\u00a0platforms, as well as the\u00a0<a href=\"https:\/\/www.thebtn.tv\/\">Business Transformation Network<\/a>. He is an expert contributor on the\u00a0<a href=\"https:\/\/ciowatercooler.co.uk\/members\/jean-christophe-gaillard\/activity\/\">CIO Water Cooler<\/a>\u00a0and has previously published articles on\u00a0<a href=\"https:\/\/www.infosecurity-magazine.com\/opinions\/bridging-gap-security-it-operations\/\">InfoSecurity<\/a>\u00a0Magazine, \u00a0<a href=\"http:\/\/www.computing.co.uk\/ctg\/opinion\/2396800\/how-to-achieve-effective-cyber-security-in-a-hyperconnected-world\">Computing<\/a>, the C-Suite.co.uk,\u00a0<a href=\"http:\/\/www.informationsecuritybuzz.com\/?s=gaillard\">Info Sec Buzz<\/a>\u00a0and the\u00a0<a href=\"http:\/\/www.director.co.uk\/blog-cyber-insurance-what-do-you-think-youre-buying-20323\/\">IoD Director<\/a>\u00a0websites."}],"_links":{"self":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/9503","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/users\/529"}],"replies":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/comments?post=9503"}],"version-history":[{"count":4,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/9503\/revisions"}],"predecessor-version":[{"id":34069,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/9503\/revisions\/34069"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media\/9504"}],"wp:attachment":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media?parent=9503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/categories?post=9503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/tags?post=9503"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=9503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}